Japanese entities experienced 114 cases of damage-causing ransomware attacks in the first half of this year, up 87 percent from a year earlier, the National Police Agency said Thursday.
Of the reported ransomware cases, in which attackers demanded payment in exchange for restoring access to company data made unavailable through encryption, 59 targeted medium and small businesses and 36 were large enterprises. They included 37 manufacturers, 20 service companies and five hospitals, according to the agency.
In one of the cases reported in the six months to June, Toyota Motor Corp was forced to suspend operations at its 14 factories nationwide for a day after parts supplier Kojima Industries Corp was hit by a ransomware attack on February 28.
So-called double extortion ransomware attacks, in which attackers demand ransom payment to decrypt the data they have accessed while threatening to publicly disclose the attack if the target does not pay, accounted for 53 of 81 cases in which the police were able to confirm the type of attack.
A survey of targeted companies and organizations showed that in the majority of the 49 cases for which responses were received, victims spent 10 million yen ($70,000) or more to investigate the extent of the damage and recover data.
In at least 36 of the 48 cases where companies had backed up their data, they were still unable to recover their records.
The agency warns that even backed up data can be encrypted in attacks and the damage can go beyond the suspension of business operations.
Emotet, a powerful ransomware that spreads via emails containing files and links, was temporarily taken down in January 2021 in a coordinated operation involving US and European authorities, but has started to cause damage again heightened from around February, with a new iteration designed to steal credit cards. information stored online.
The agency said the number of cyberattacks and other suspicious access attempts detected at police internet hotspots averaged 7,800.3 per IP address per day, 70% of which came from states. United States, Great Britain, China and Russia.
The country’s police force also took action in 5,889 cybercrime cases in the six months, up 492 from the previous year, with 233 cases involving alleged breaches of the law prohibiting unauthorized access. authorized to a computer.